rpms
/
ostree
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Backport a1c1c0b500 

To aid https://github.com/coreos/fedora-coreos-config/pull/2783
This commit is contained in:
Colin Walters 2024-01-04 15:52:38 -05:00
parent a447541e7a
commit 68a1444bcb
2 changed files with 57 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
0001-prepare-root-Fix-composefs-ostree-admin-unlock-hotfi.patch Normal file
View File

@ -0,0 +1,53 @@
From a1c1c0b500d23ff129adbfe9486a067788b24969 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Wed, 3 Jan 2024 14:01:38 -0500
Subject: [PATCH] prepare-root: Fix composefs + ostree admin unlock --hotfix
compat
There's a test case for `ostree admin unlock --hotfix` that
runs in FCOS, not here; it breaks when enabling composefs.
The reason is because the composefs is mounted readonly, and
we tried to remount it writable. Instead of trying to remount
the rootfs writable at this point forcibly, honor the
*real* sysroot readonly state flag from the underlying FS before
we mounted the composefs.
Note that in FCOS derivatives we always have the root mounted
writable via `rw` on the kernel cmdline and this is the default
general expectation now with ostree usage.
---
src/switchroot/ostree-prepare-root.c | 17 +++++------------
1 file changed, 5 insertions(+), 12 deletions(-)
diff --git a/src/switchroot/ostree-prepare-root.c b/src/switchroot/ostree-prepare-root.c
index 1a0539e1..d7c44e97 100644
--- a/src/switchroot/ostree-prepare-root.c
+++ b/src/switchroot/ostree-prepare-root.c
@@ -639,18 +639,11 @@ main (int argc, char *argv[])
const char usr_ovl_options[]
= "lowerdir=" TMP_SYSROOT "/usr,upperdir=.usr-ovl-upper,workdir=.usr-ovl-work";
- /* Except overlayfs barfs if we try to mount it on a read-only
- * filesystem. For this use case I think admins are going to be
- * okay if we remount the rootfs here, rather than waiting until
- * later boot and `systemd-remount-fs.service`.
- */
- if (path_is_on_readonly_fs (TMP_SYSROOT))
- {
- if (mount (TMP_SYSROOT, TMP_SYSROOT, NULL, MS_REMOUNT | MS_SILENT, NULL) < 0)
- err (EXIT_FAILURE, "failed to remount rootfs writable (for overlayfs)");
- }
-
- if (mount ("overlay", TMP_SYSROOT "/usr", "overlay", MS_SILENT, usr_ovl_options) < 0)
+ unsigned long mflags = MS_SILENT;
+ // Propagate readonly state
+ if (!sysroot_currently_writable)
+ mflags |= MS_RDONLY;
+ if (mount ("overlay", TMP_SYSROOT "/usr", "overlay", mflags, usr_ovl_options) < 0)
err (EXIT_FAILURE, "failed to mount /usr overlayfs");
}
else if (!using_composefs)
--
2.41.0

4
ostree.spec
View File

@ -18,6 +18,10 @@ Source0: https://github.com/ostreedev/%{name}/releases/download/v%{version}/libo
License: LGPL-2.0-or-later
URL: https://ostree.readthedocs.io/en/latest/
# Backport https://github.com/ostreedev/ostree/pull/3129/commits/a1c1c0b500d23ff129adbfe9486a067788b24969
# To aid https://github.com/coreos/fedora-coreos-config/pull/2783
Patch0: 0001-prepare-root-Fix-composefs-ostree-admin-unlock-hotfi.patch
# Conditional to ELN right now to reduce blast radius; xref
# https://github.com/containers/composefs/pull/229#issuecomment-1838735764
%if 0%{?rhel} >= 10